News Archive

Investing in Hacking

It’s said that many investors have moved their fortunes from gold to bitcoin and other crypto currencies. Investing in crypto currencies comes with a big risc and we would like to look for alternative segments which also have growth. Security stocks is globally in a growing trend at the stock market and this is something that

Hacking Tool – S3 decloaker

As the first website in the world, we got our hands on a secretly leaked hacking tool - that's still working. Our source says that Amazon knows about it but haven't still prioritized/managed to patch the vulnerability. Remember where you found it first. Only at 

How Gurkirat Singh managed hacking Facebook

Hacking Facebook – Flaw in the recovery process Gurkirat Singh is a security researcher/coder/hacker. In short this is how he managed to hack Facebook (article here). First he get’s an idea, that reseting multiple accounts on the same time could cause facebook to resend reset tokens.. Then he writes a script to crawl* different websites in order to collect facebook accounts Each

How to achieve a briliant phishing attack

Sean Cassidy shows how to achieve a briliant phishing attack on Lastpass by combining multiple security holes. This attack is powerfull because the author made a clear roadmap which checks if LastPass is installed, then logging out the user using a known vulnerability in the browser. The author tricks the user to login on the

Buffer Overflow Attacks

In an era where everything is digitized, there is always some scope for a loophole or vulnerability. This loophole forms the crux where hackers squeeze in their mischievous codes and hence flourish their business. You may expect a businessman to cut loose his profit, but you can never bargain on an attacker to miss vulnerability

Best practices for cloud services

Introduction Today most people have a smart phone, tablet or PC. Some years back we stored our photos on backup media such as CD or DVDs. Today different companies compete about getting access to our files. Most people today doesn’t react when a new “app” is installed and permissions is asked to our pictures, private messages or

Cloaking WordPress with “hide my WP”?

There’s a bunch of companies that provides services for cloaking the user’s website. In the previous articles Web scraping – part 1 and Web scraping – part 2 we learned how easy it was to scan multiple sites for vulnerabilities using footprints. This very exact method is dependent on that out footprints can be found on the site –

Net phishing

In this post I’m going to discuss about net phishing (also referred to as “web spoofing”). I still hear about people that have lost real money because of net phishing – and that´s just sad. Net phishing isn’t a new technique and neither a qualified hacking technique, but then keep in mind that most hacks today is based on old hacks,

Web scraping – part 2

Web scraping In the previous article we identified the footprints to use and now it’s time to start coding. First we need to fetch content from a website. In PHP we can do this using CURL or file_get_contents. Downloading source code from website You’ll need a text editor. For this project I picked sublime. To

Web scraping – part 1

Web scraping When a hacker has identified a vulnerability in a system or platform he can choose to either report it (white hat hacker) or scan more systems with the same security hole. One way to do this is “Web scraping” which means scanning a website for specific areas and/or extracting that information. Web scraping